Energy Security: “Securing the Bulk Electric System”

“Securing the Bulk Electric System”

by Patrick Brown

Excerpt: Although a physical attack on the bulk electric system is always possible, the scope of the operation necessary to make a large scale impact falls outside the capabilities of the most likely attackers; it would simply be too difficult and resource intensive to mount a physical attack of any significance.

Compromising a single or limited number of generation or transmission assets would most likely only have a local or limited regional impact, and could be mitigated in a reasonable amount of time. The operators of the bulk electric system are prepared for all single as well as the most likely multiple facility losses of this nature, and are well prepared to respond.

America’s fleet of nuclear power stations are heavily fortified and protected by well-trained security forces, making them an unattractive target for physical attack …

That leaves a cyber attack as the most likely means of compromising our bulk electric system

Universities, Utility Research Protecting Nation’s Power Grid From Cyber Attacks

“Cybersecurity researchers from four universities and one utility company are working together as part of a Department of Energy (DoE) Center for Securing Electric Energy Delivery Systems (SEEDS) to help safeguard the nation’s power utilities from cyber attacks.

The $12.2 million DoE funded initiative is augmented by $3.1 million in matching funds from the research participants.

The team is led by faculty from the University of Arkansas at Fayetteville and includes faculty from the University of Arkansas at Little Rock, Carnegie Mellon University Lehigh University, researchers from Florida International University’s (FIU) College of Engineering and Computing and the Arkansas Electric Cooperative Corporation.

“A cyber attack on any part of the nation’s power grid could leave millions of people without power, resulting in serious health and safety threats as well as a major economic blow,” said FIU Electrical and Computer Engineering Professor Osama Mohammed, who is leading the team of FIU researchers. “Working together, we hope to reduce the vulnerability of our power grid and ensure the security of our energy delivery systems for the future.”

According to an announcement, In the first half of Fiscal Year 2015, the Department of Homeland Security’s (DHS) Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) responded to 108 cyber incidents impacting critical infrastructure in the United States.

And as in previous years, the energy sector led all others with the most reported incidents.

Meanwhile, the National Security Agency reported it has seen intrusions into industrial control systems used in the electrical grid by entities with the apparent technical capability “to take down control systems that operate US power grids,” according to the Congressional Research Service (CRS) report, Cybersecurity Issues for the Bulk, prepared for Congress this past June by CRS Specialist in Energy Policy Richard J. Campbell.

“In recent years,” Campbell wrote, “new threats have materialized as new vulnerabilities have come to light, and a number of major concerns have emerged about the resilience and security of the nation’s electric power system. In particular, the cybersecurity of the electricity grid has been a focus of recent efforts to protect the integrity of the electric power system.”

Campbell highlighted that, “The increasing frequency of cyber intrusions on industrial control (IC) systems of critical infrastructure continues to be a concern to the electric power sector. Power production and flows on the nation’s electricity grid are controlled remotely by a number of IC technologies. The National Security Agency reported that it has seen intrusions into IC systems by entities with the apparent technical capability ‘to take down control systems that operate US power grids, water systems and other critical infrastructure.’”

Roughly two decades ago, NSA cyber sleuths reported they’d been able to hack into unnamed utilities’ Supervisory Control and Data Acquisition (SCADA) systems which gave them access to unplug a sizeable portion of the nation’s power grid.

Campbell said, “Many cybersecurity actions are reactive to the last threat discovered. While intrusion detection is a priority, some experts say that mitigation of cyber threats requires a focus on attackers, not the attacks. Cybersecurity strategies may shift from figuring out whether a system has been compromised to an understanding of who authored the malicious software and why. Although malware intrusions may not have resulted in a significant disruption of grid operations so far, they still have been possible even with mandatory standards in place. The North American Electric Reliability Corporation’s (NERC’s) current set of standards, Critical Infrastructure Protection (CIP) Version 5, is moving toward active consideration of bulk electric system security needs rather than just compliance with minimum standards.”